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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 
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earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 02 January 2001 and 25 May 2003 . 
2a)D This action is FINAL. 2b)IS This action is non-final. 
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5) D Claim(s) is/are allowed. 
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Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 
Specification 

1. The title of the invention is not descriptive. A new title is required that is clearly indicative 
of the invention to which the claims are directed. 

Claim Objections 

2. Claim 5 objected to because of the following informalities: 

a. As per claim 5 Line 2 Applicant recites "filer" Examiner suspects a grammatical error 
in which the word Applicant is trying to convey is "filter." Examiner asks Applicant to either 
concur with the statement or provide a concise definition of the word "filer." 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

b. A person shall be entitled to a patent unless - 

c. (e) the invention was described in a patent granted on an application for patent by 
another filed in the United States before the invention thereof by the applicant for patent, or 
on an international application by another who has fulfilled the requirements of paragraphs 
(1), (2), and (4) of section 371(c) of this title before the invention thereof by the applicant for 
patent. 

4. The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 do not 
apply when the reference is a U.S. patent resulting directly or indirectly from an international 
application filed before November 29, 2000. Therefore, the prior art date of the reference is 
determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 

5. Claim(s) 1-18 is/are rejected under 35 U.S.C. 102(e) as being anticipated by 
Donaldson et ah (US Patent No. 6,321,267 and Donaldson hereinafter). 
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6. As per claim(s) 1 Donaldson discloses packet verification means for verifying whether there 
abnormality contents a received DNS (domain name system) packet before transmitting it to a DNS 
server, (See Column 14 Lines 30-67); and error response means for generating an error response 
packet and transmitting request source if an abnormality detected, (See Column 15 Lines 1-56). 

7. As per claim(s) 2 Donaldson teaches the claimed invention as described in claim(s) 1 above 
and furthermore discloses said packet verification means checks a DNS packet for obtaining 
information on a host name, a domain name, and an IP (Internet protocol) address transmitted from 
a network outside an organization by a person outside the organization using a DNS protocol, (See 
Column 17 Lines 1-17); and wherein said error response means generates an error response packet 
and transmits a request source when detecting an abnormality, thereby preventing the person 
outside the organization from invading a network of the organization by the organization and 
preventing the DNS server from operating abnormally by receiving a packet having an abnormal 
format, (See Column 17 Lines 38-67 & Column 18 Lines 1-31). 

8. As per claim(s) 3 Donaldson teaches the claimed invention as described in claim(s) 1-2 above 
and furthermore discloses said packet verification means checks a DNS packet for obtaining 
information on a host name, domain name, and an IP address transmitted DNS server belonging to 
a network outside the organization from terminal inside the organization using the DNS protocol, 
(See Column 17 Lines 1-38); and wherein said error response means generates an error response 
packet and transmits it a request source when detecting an abnormality, thereby preventing said 
DNS server belonging to the network outside the organization from operating abnormally, (See 
Column 17 Lines 38-67 8b Column 18 Lines 1-31). 

9. As per claim(s) 4 Donaldson teaches the claimed invention as described in claim(s) 1-3 above 
and furthermore discloses adding and deleting means for adding deleting abnormality detecting 
conditions of the DNS packet, (See Column 18 Lines 12-31). 
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10. As per claim(s) 5 Donaldson teaches the claimed invention as described in claim(s) 1-4 above 
and furthermore discloses A firewall apparatus wherein there is mounted said DNS server filter 
apparatus claimed in one of claim 1, (See Column 16 Lines 26-65). 

11. As per claim(s) 6 Donaldson teaches the claimed invention as described in claim(s) 1-5 above 
and furthermore discloses a packet filtering firewall apparatus; a DNS packet filter apparatus 
according one of claim 1 to communicate with the firewall apparatus; and a DNS server for 
communicating with said packet filter apparatus, (See Column 16 Lines 26-64). 

12. As per claim(s) 7 Donaldson discloses a packet receiving section for receiving an inquiry 
from a terminal or a DNS server and a response packet from a DNS server, (See Column 2 Lines 48- 
67); a session management section for managing inquiry packets and response packets for an entire 
control, having a session management table for managing inquiry requests, (See Column 5 Lines 39- 
67); a packet verification section for verifying whether the inquiry packet or the response packet is 
abnormal a request generating section for generating an inquiry packet to the DNS server; a 
response generating section for generating a response packet to be returned to a transmission 
source of the inquiry packet; a packet transmitting section for transmitting the inquiry packet and 
the response packet; and response means for verifying whether there is any abnormality in contents 
of the received packet in a DNS protocol before transmitting the packet to the DNS server regarding 
the received packet in the DNS protocol and generating an error response packet to transmit it to a 
request source if an abnormality is detected, (See Column 14 Lines 43-67 8b Column 15 Lines 1-56). 

13. As per claim(s) 8 Donaldson teaches the claimed invention as described in claim(s) 7 above 
and furthermore discloses a calling management section for controlling operations of selecting and 
executing a verification program to be executed by referring to an attribute of said verification 
program, having a program management table containing entry point address information of the 
verification program, priority information of executing the verification program, and attribute 
information of the verification program, (See Column 15 Lines 1-65); a storage device in which the 
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verification program is stored, (See Column 10 Lines 39-67 8b Column 11 Lines 1-16); a load 
management section for loading an execution file of a verification program specified by a 
management tool or by a setting file on a memory, for initializing the loaded verification program, for 
registering an entry point of the verification program onto said program management table of said 
calling management section together with the obtained attribute, and for controlling a verification 
program specified to be deleted by said management tool so as to be released, (See Column 16 Lines 
12-19); and a service routine comprising a subroutine group for utilizing functions of a DNS server 
filter body called by the executed verification program, (See Column 15 Lines 20-35). 

14. As per claim(s) 9 Donaldson teaches the claimed invention as described in claim(s) 7-8 above 
and furthermore discloses a pointer to a request packet, an IP address of a request source which 
has issued an inquiry request, a port number of the request source which has issued the inquiry 
request, and a flag indicating whether the inquiry request has been transferred to another DNS 
server if the inquiry request has a normal packet format; wherein said packet receiving section 
receives a DNS packet and then transmits the packet to said session management section, (See 
Column 14 Lines 43-67); and wherein said session management section makes settings of an IP 
address of a transmission source of the received packet, a port number of the received packet, and a 
flag value indicating "Testing" in said session management table, transmits the received packet to 
said packet verification section to request a packet verification, checks a type of said received packet 
to judge whether it is an inquiry request if there is any problem in contents of the verification as a 
result of the verification of said received packet in said packet verification section; wherein if it is 
judged to be an inquiry request as a result of the judgment, the session management section 
requests said response generating section to generate an error response packet, (See Column 15 
Lines 1-40) requests said packet transmitting section to transmit the generated packet to a 
destination specified by the request source IP address and the request source port number on said 
session management table, and deletes information registered in said session management table 
regarding the received packet to release the received inquiry request packet; and wherein unless it is 
an inquiry request, the session management section searches said session management table to 
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fetch a part related to an original inquiry request, requests said response generating section to 
generate an error response packet based upon an inquiry request packet by referring to the inquiry- 
packet from the request packet pointer of an entry of said searched session management table, 
requests said packet transmitting section to transmit the generated response packet to a destination 
specified by the request source IP address and the request source port number on said session 
management table, deletes information registered in said session management table regarding the 
received response packet to release the response packet and deletes the entry registered in said 
session management table regarding the inquiry request corresponding to the response packet, (See 
Column 15 Lines 41-61 85 Column 16 lines 1-19). 

15. As per claim(s) 10 Donaldson teaches the claimed invention as described in claim(s) 7-9 
above and furthermore discloses said session management section checks a type of the received 
packet if there is no problem as a result of the packet verification performed in said packet 
verification section, searches said session management table for information on the inquiry request 
corresponding to the response packet if it is a response packet, and verifies whether the received 
response packet can be a response to the original inquiry request; wherein if there is a need for 
making an additional inquiry as a result of said verification, said session management section 
determines the next inquiry destination from the information of the received response packet, 
requests said request generating section to generate an inquiry request packet, requests said packet 
transmitting section to transmit it to the next inquiry destination, and deletes information on the 
response packet in progress of the received inquiry from said session management table to release 
the response packet; and wherein if the received response packet can be a response to the original 
inquiry request packet as a result of said verification, the session management section requests said 
response generating section to generate a response packet to the original inquiry request reflecting 
the result of the response packet of receiving the response packet, requests said packet transmitting 
section to transmit it to the transmission source of the original inquiry request, deletes information 
related to the received response packet from said session management table, and deletes 
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information related to the original inquiry request from said session management table to release 
the response packet, (See Column 15 Lines 1-67 & Column 16 Lines 1-64). 

16. As per claim(s) 11 Donaldson teaches the claimed invention as described in claim(s) 7-10 
above and furthermore discloses said session management section checks a type of the received 
packet if there is no problem as a result of the packet verification in said packet verification section, 
checks a transmission source of the received packet if the received packet is an inquiry request and 
then unless said transmission source is a network inside an organization issuing an inquiry, 
determines a DNS server outside the organization to which an inquiry is issued first to meet the 
inquiry request of a network outside the organization, requests said request generating section to 
generate an inquiry request based upon the original inquiry request, and requests said packet 
transmitting section to transmit the inquiry to said determined DNS server, or if said transmission 
source is the network inside the organization issuing the inquiry, requests said request generating 
section to generate an inquiry request packet base upon the received inquiry request packet, 
requests said packet transmitting section to transmit the inquiry packet to the DNS server, sets a 
"Inquiring" value to the flag among the entries of said session management table corresponding to 
the received packet, and sets a pointer to the received packet to the pointer of the entry on said 
session management table, (See Column 15 Lines 1-67 85 Column 16 Lines 1-64). 

17. As per claim(s) 12 Donaldson teaches the claimed invention as described in claim(s) 7-11 
above and furthermore discloses a cache memory (i.e., memory) previously stores DNS server 
information, (See Column 10 Lines 60-67 8b Column 1 1 Lines 1-5). 

18. As per claim(s) 13 Donaldson discloses packet receiving processing for receiving an inquiry 
from a terminal or a DNS server in the DNS protocol and a response packet from a DNS server via a 
communication apparatus, (See Column 2 Lines 48-67); session management processing for 
managing inquiries and response packets for an entire control, having a session management table 
for managing the inquiry requests, (See Column 10 Lines 39-67); packet verification processing for 
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verifying whether an inquiry or a response packet is abnormal; request generation processing for 
generating an inquiry packet to a DNS server; response generation processing for generating an 
inquiry packet to the DNS server; response generation processing for generating a response packet 
to be returned to a transmission source of the inquiry packet; packet transmission processing for 
controlling an operation so as to transmit an inquiry and a response packet through a 
communication apparatus; and DNS server filter processing for verifying whether there is any 
abnormality in contents of the packet before transmitting the packet to the DNS server regarding the 
received DNS packet; if an abnormality is detected, it generates and transmits an error response 
packet, (See Column 14 Lines 43-67 8b Column 15 Lines 1-56). 

19. As per claim(s) 14 Donaldson teaches the claimed invention as described in claim(s) 13 
above and furthermore discloses wherein said program management table comprises entry point 
address information of the verification program, priority information of executing the verification 
program, and attribute information of the verification program; wherein the calling management 
processing is performed for selecting and executing a verification program to be executed by 
referring to the attribute of said verification software, (See Column 15 Lines 1-65); and wherein the 
load management processing is performed for loading an execution file of the verification program 
specified by a management tool or a setting file on a memory, for initializing the loaded verification 
program, for registering an entry point of the verification program together with an obtained 
attribute on said program management table, and for releasing a verification program specified to be 
deleted by said management tool from the memory, (See Column 16 Lines 12-19). 

20. As per claim(s) 15 Donaldson teaches the claimed invention as described in claim(s) 13-14 
above and furthermore discloses a group of recording media is divided into a plurality of portions, 
(See Column 15 Lines 20-35) and said portions are recorded on said media, respectively, (See 
Column 10 Lines 39-67 8b Column 11 Lines 1-16). 
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21. As per claim(s) 16 Donaldson teaches the claimed invention as described in claim(s) 13-15 
above and furthermore discloses a group of recording media is divided into a plurality of portions, 
(See Column 15 Lines 20-35) and said portions are recorded on said media, respectively, (See 
Column 10 Lines 39-67 & Column 11 Lines 1-16). 

22. As per claim(s) 17 Donaldson discloses a packet receiving processing for receiving an inquiry 
from a terminal or a DNS server in the DNS protocol and a response packet from the DNS server via 
a communication apparatus, (See Column 2 Lines 48-67); session management processing for 
managing the inquiry and the response packet for an entire control using a session management 
table for managing inquiry requests, (See Column 10 Lines 39-67); packet verification processing for 
verifying whether the inquiry and the response packet are abnormal request generation processing 
for generating an inquiry packet to the DNS server; response generation processing for generating a 
response packet returned to a transmission source of the inquiry packet; packet transmission 
processing for controlling an operation to transmit the inquiry and the response packet via the 
communication apparatus; and DNS server filter processing for verifying whether there is any 
abnormality in contents of the received DNS packet before transmitting the packet to the DNS server 
regarding the received DNS packet and for generating and transmitting an error response packet 
when detecting an abnormality a group of recording media is divided into a plurality of portions, 
(See Column 15 Lines 20-35) and said portions are recorded on said media, respectively, (See 
Column 14 Lines 43-67 8b Column 15 Lines 1-56). 

23. As per claim(s) 18 Donaldson teaches the claimed invention as described in claim(s) 17 
above and furthermore discloses a program management table having entry point address 
information of the verification program, priority information for executing the verification program, 
and attribute information of the verification program, calling management processing for selecting 
and executing a verification program to be executed by referring to the attribute of said verification 
software, (See Column 15 Lines 1-65); and load management processing for loading an execution file 
of the verification program specified by a management tool or a setting file on a memory, for 
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initializing the loaded verification program, for registering an entry point of the verification program 
together with the obtained attribute on said program management table, and for releasing the 
verification program specified to be deleted by said management tool from the memory, (See Column 
16 Lines 12-19). 



24. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Sajid A Yussuf whose telephone number is (703) 305-8752. The examiner can 
normally be reached on Monday-Thursday 7:30-5:00 PM and Alternate Fridays. 

25. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Rupal Dharia can be reached on (703) 305-4003. The fax phone number for the organization where 
this application or proceeding is assigned is 703-872-9306. 

26. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications may 
be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, 
contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Sajid Yussuf 
Patent Examiner 
Technology center 2100 
21 June 2004 
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